Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

macOS 15 CIS Benchmarks: add 2.6.3.1 through 2.6.3.5 & 2.7.2 #24647

Open
19 tasks
noahtalerman opened this issue Dec 11, 2024 · 1 comment
Open
19 tasks

macOS 15 CIS Benchmarks: add 2.6.3.1 through 2.6.3.5 & 2.7.2 #24647

noahtalerman opened this issue Dec 11, 2024 · 1 comment
Assignees
@defensivedepth @sharon-fdm
Labels
customer-ufa #g-endpoint-ops Endpoint ops product group #g-orchestration Orchestration product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. story A user story defining an entire feature

Comments

@noahtalerman
Copy link
Member

noahtalerman commented Dec 11, 2024
edited by sharon-fdm
Loading

Goal

User story
As an endpoint engineer,
I want Fleet to support the 2.6.3.5 & 2.7.2 macOS 15 CIS Benchmarks
so that I can check whether my workstations meet these compliance needs.

Key result

None. Fleet is committed to maintaining CIS Benchmarks for Windows and Mac workstations.

Original requests

#23006

Context

Changes

Product

  • CIS policies changes: Add policies for macOS 15 to cover 2.6.3.1 through 2.6.3.5 & 2.7.2
  • Feature guide changes: No changes
  • Other reference documentation changes:
    • Remove 2.6.3.1 through 2.6.3.5 & 2.7.2 from the "Missing items" list in the macOS 15 README
  • UI changes: No changes
  • CLI (fleetctl) usage changes: No changes
  • YAML changes: No changes
  • REST API changes: No changes
  • Activity changes: No changes
  • Permissions changes: No changes
  • Changes to paid features or tiers: Fleet Premium only
  • Other reference documentation changes: No changes
  • Once shipped, requester has been notified
  • Once shipped, dogfooding issue has been filed

Engineering

  • Fleet's agent (fleetd) changes: No
  • Database schema migrations: No
  • Load testing: No

ℹ️  Please read this issue carefully and understand it. Pay special attention to UI wireframes, especially "dev notes".

QA

Risk assessment

  • Requires load testing: No
  • Risk level: Low / High Low
  • Risk description: Policy yml changes that do not affect the agent or server. Potential bugs in the queries themselves.

Manual testing steps

  1. Step 1
  2. Step 2
  3. Step 3

Testing notes

Confirmation

  1. Engineer (@____): Added comment to user story confirming successful completion of QA.
  2. QA (@____): Added comment to user story confirming successful completion of QA.
@noahtalerman noahtalerman added story A user story defining an entire feature :product Product Design department (shows up on 🦢 Drafting board) #g-endpoint-ops Endpoint ops product group labels Dec 11, 2024
This was referenced Dec 11, 2024
Closed
Open
@noahtalerman
Copy link
Member Author

noahtalerman commented Dec 11, 2024
edited by sharon-fdm
Loading

Engineering

  • Fleet's agent (fleetd) changes: TO-DO
  • Database schema migrations: TO-DO
  • Load testing: TO-DO

@sharon-fdm can you please fill out the TO-DOs in the "Engineering" section in the issue description? If there are no changes please put "No changes"

I think you mentioned that adding these benchmarks will require fleetd changes. Can you please work with Josh specify those so the rest of the team knows what's changing? Thanks!

Edit by Sharon: added '-' so the TO-DO do not appear is search.

@sharon-fdm sharon-fdm added :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. and removed :product Product Design department (shows up on 🦢 Drafting board) labels Dec 12, 2024
@defensivedepth defensivedepth mentioned this issue Dec 16, 2024
Open
@lukeheath lukeheath added the #g-orchestration Orchestration product group label Dec 19, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@defensivedepth defensivedepth

@sharon-fdm sharon-fdm

Labels
customer-ufa #g-endpoint-ops Endpoint ops product group #g-orchestration Orchestration product group :release Ready to write code. Scheduled in a release. See "Making changes" in handbook. story A user story defining an entire feature
Milestone
No milestone
Development

No branches or pull requests
4 participants
@defensivedepth @lukeheath @noahtalerman @sharon-fdm